CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,428 Commits 24 Branches 119 Tags
5b77dc109ff6d2175372c2dba2bfaeb4e92eb1b9
Commit Graph

471 Commits

Author SHA1 Message Date
m0duspwnens
5b77dc109f Merge remote-tracking branch 'remotes/origin/dev' into issue/1257 2021-09-16 16:54:23 -04:00
m0duspwnens
3ce48acadd change cluster_settings to config 2021-09-16 16:44:31 -04:00
m0duspwnens
5526a2bc3a reduce defaults.yaml 2021-09-16 15:32:08 -04:00
m0duspwnens
889d235c45 no box type more manager in true cluster 2021-09-16 09:15:24 -04:00
m0duspwnens
782b01e76f seed_hosts to list 2021-09-15 17:07:52 -04:00
m0duspwnens
3bf9685df8 fix seed_hosts append 2021-09-15 17:00:16 -04:00
m0duspwnens
4cf91f6c86 fix dict update 2021-09-15 15:51:00 -04:00
m0duspwnens
a43b37f234 fix dict update 2021-09-15 15:49:18 -04:00
m0duspwnens
e0dc62b6e9 fix dict update 2021-09-15 15:43:47 -04:00
m0duspwnens
c213834316 update the dict 2021-09-15 15:24:40 -04:00
Josh Brower
c06668c68e Merge pull request #5527 from Security-Onion-Solutions/feature/so-import-evtx 
Feature/so import evtx
 2021-09-15 14:17:15 -04:00
Josh Brower
a75238bc3f so-import-evtx - fix ingest formatting 2021-09-15 14:13:16 -04:00
m0duspwnens
1614b70853 update cluster name if true cluster 2021-09-15 13:45:43 -04:00
m0duspwnens
1a03853a7c fix extend 2021-09-15 13:38:29 -04:00
m0duspwnens
e0faa4c75b Merge branch 'issue/1257' of https://github.com/Security-Onion-Solutions/securityonion into issue/1257 2021-09-15 13:09:35 -04:00
m0duspwnens
e3e2e1d851 logic for truecluster to map file 2021-09-15 13:09:04 -04:00
m0duspwnens
551dba955c set roles empty list 2021-09-15 09:20:33 -04:00
Mike Reeves
2ffb723bbd Rename so-common-template.json to so-common-template.json.jinja 2021-09-14 13:58:45 -04:00
m0duspwnens
0534a2dda3 Merge remote-tracking branch 'remotes/origin/dev' into issue/1257 2021-09-13 15:04:50 -04:00
m0duspwnens
f8ab0ac8a9 config changes 2021-09-13 15:04:39 -04:00
m0duspwnens
0ae09cc630 config changes 2021-09-13 09:49:56 -04:00
m0duspwnens
93f2cd75a4 add the jinja template 2021-09-09 10:19:46 -04:00
m0duspwnens
f06ab8b77d testing defaults.yaml 2021-09-09 08:55:36 -04:00
Jason Ertel
19a02baa7c Merge pull request #5425 from Security-Onion-Solutions/kilo 
Auth enhancements
 2021-09-07 13:10:36 -04:00
Jason Ertel
3c59579f99 Add maintenance privilege for analysts to refresh indices 2021-09-07 13:03:30 -04:00
Jason Ertel
72cff7ec7a Merge branch 'dev' into kilo 2021-09-07 10:49:08 -04:00
Mike Reeves
e3900606dc Enable index sorting by default but allow it to be disabled 2021-09-04 10:42:18 -04:00
Rob Waight
b7591093cf Add index sorting to so-common-template.json 
Add index sorting to so-common-template.json
 2021-09-04 09:45:03 -04:00
Jason Ertel
94ea1f856b Add auditor role; update analyst role with correct syntax 2021-09-03 15:59:48 -04:00
Jason Ertel
fbbb7f4e85 Add auditor role; update analyst role with correct syntax 2021-09-03 15:54:05 -04:00
Jason Ertel
10126bb7ef Auth enhancements 2021-09-02 09:44:57 -04:00
Mike Reeves
a27263435a Add Templates for all filebeat modules 2021-08-27 14:41:04 -04:00
Mike Reeves
f8cdf5bca3 Add Templates for all filebeat modules 2021-08-27 14:39:02 -04:00
Josh Brower
7b93f355e2 so-import-evtx - timestamp extraction 2021-08-25 15:17:19 -04:00
m0duspwnens
a27569f20b remove source when contents provided 2021-08-25 12:32:17 -04:00
m0duspwnens
fd1e632386 cleanup yaml 2021-08-25 12:08:43 -04:00
m0duspwnens
0681d29bb0 starting es pillarization 2021-08-25 10:23:06 -04:00
Mike Reeves
71bbb41b5f Merge branch 'dev' into bravo 2021-08-04 10:57:10 -04:00
William Wernert
8a49039b85 Only append source.ip to logscan.source.ips if it's been created 2021-08-02 09:50:49 -04:00
William Wernert
4f39cd1d7f Add logscan dynamic object to so-common template mappings 2021-07-30 16:02:02 -04:00
William Wernert
2a6277c0c3 Fix field names in logscan pipeline 2021-07-30 15:46:39 -04:00
William Wernert
33bd6aed20 Fix logscan pipeline on eval 
* Rename logscan pipeline to logscan.alert
* Add module to indices array in filebeat.yml
 2021-07-30 14:41:15 -04:00
William Wernert
0b06d0bfdb Merge branch 'dev' into foxtrot 2021-07-29 15:15:25 -04:00
Jason Ertel
4c6447a3da merge 2.3.61 MSEARCH hotfix into dev 2021-07-29 15:00:58 -04:00
Mike Reeves
a42d8c9229 Fix Manager Search 2021-07-28 17:03:14 -04:00
doug
3d3593a1a9 FIX: Suricata dns.response.code needs to be renamed to dns.response.code_name #4770 2021-07-22 09:50:21 -04:00
Mike Reeves
09165daab8 Several Suricata things 2021-07-21 09:10:33 -04:00
William Wernert
9bf1d3e0c6 Misc fixes 2021-07-16 14:59:44 -04:00
William Wernert
3a12d28d20 Merge branch 'dev' into feature/logscan 2021-07-16 14:13:19 -04:00
Wes Lambert
05aad07bfc Replace staging path with processed path for analyzed files 2021-07-14 15:04:46 +00:00